Your Basket
Cyber security for any size of business
CREST member company
Team of friendly certified experts
Hedgehog Security Cyber Security Services, penetration testing, cyber essentials, vulnerability scanning and cyber essentials assessments. Hedgehog Security Cyber Security Services, penetration testing, cyber essentials, vulnerability scanning and cyber essentials assessments.

Get Cyber Secure before Christmas

Christmas is coming soon. Are you Cyber Secure and ready for the festive period? The criminals already have!

What we do

Join over 2,000+ happy customers

Penetration Testing

Penetration Testing or Pen Testing is a technical review of your systems, your processes and sometimes your people. Penetration Testing is carried out to uncover vulnerabilities, threats and risks that an attacker could exploit in software applications, networks or web applications.

Penetration Testing can be called many things. We commonly see pentest, pentesting and PENtest. They are all the same thing.

We perform a number of different types and classes of penetration testing to help enable you to get the maximum return on your testing investment.

You reduce your Cyber Risk with penetration testing, as well as protect your customers and your own information as well help maintain your reputation.

How Penetration Testing helps your business

Know whether your critical assets are at risk

Identify and mitigate complex security vulnerabilities before an attack can exploit them

Get realistic findings and comprehensive recommendations

Understand how the most sophisticated attackers operate based on intelligence gained over 10 years of being in business


Penetration Testing Detail

Our penetration tests leverage deep knowledge of attacker’s behaviours and methods. We use the same tools, tactics and procedures (TTPs). Every test is custom built to every client’s needs and requirements. We assess specific aspects of the security program and the state of security of systems, networks and applications within the scope.

We set modern, realistic goals for our talented penetration testers to attempt to achieve. These are the same goals that actual attackers would have in place to justify their time and investment in their attacks.

We have some pre-built testing packages for web apps, mobile application, external infrastructure, internal penetration testing, IoT device testing but if you need something more bespoke and in-depth, Hedgehog can help.


Join over 2,000+ happy customers

Vulnerability Scanning

The Hedgehog Vulnerability Scanning service is here to help you protect your external infrastructure, keeping your business and your data safe. The vulnerability scanning service is fast and easy to use. Using our external vulnerability scanning service will enable you to:

How Vulnerability Scanning helps your business

Scan for thousands of vulnerabilities in your firewall and external-facing services, helping you see exactly what criminal hackers can see;

Identify all the weak spots that need attention through detailed reports;

Act quickly to fix your security weaknesses before criminal hackers find and exploit them;

Protect customer data and your brand reputation.


How we run Vulnerability Scans

Our scanning service is very simple to use. You simply log into our scanning platform (access will be provided following your purchase) and enter your IP addresses or URLs. If you would like to use the scheduler, you can choose the time and date you want your scans to run. Once the scans are completed you can view your reports online.

If you need to rerun your scans, you can do this direct from the scanner interface whenever you need to.


3 Types of Scanning

We have three different levels or types of vulnerability scanning available. The standard vulnerability scan is our foundation service at £8 per asset scanned. Our Advanced service removes 99% of all false positives so you are only working on actual vulnerabilities. Our Advanced scanning service is £18 per asset scanned.

To completement these two services, and to fill the gap between vulnerability scanning and full penetration testing, we offer a Lightweight Pentest at £345 per asset scanned.


Join over 2,000+ happy customers

Cyber Essentials

Cyber Essentials is the Government-backed, industry supported foundation for basic cyber security hygiene. The Scheme has been carefully designed to guide organisations of any size in protecting themselves against cyber threats.

The foundation level is an independently verified self-assessment. You complete an online assessment questionnaire which is approved by a Senior Executive of your business. Upon submission, we will independently review and confirm your responses. If successful, we will award you the requisite certificate and badge that you can display on your company website.

The next stage of your security journey and involves both independent internal and external tests of your network and computers. You must have been awarded the foundation level certification in the last three months before you can proceed with accreditation. Successful accreditation provides a higher level of assurance. It demonstrates that your organisation has a robust cyber security regime. It shows that controls are present to maintain a vigorous defence against Internet-based attacks.

How Cyber Essentials helps your business

Rapid turn-around

Real support from a CISO

Cost effective, simple and hassle-free

More than 2000 successful audits prove we know what we are doing


Cyber Essentials Costs

The cost of Cyber Essentials can vary quite a lot between assessment companies. We have always endeavoured to keep our costs very transparent. Below you can see the costs and if you wish, you can purchase directly on our site by clicking on your required option.

Cyber Essentials Assessment only: £250.00 plus VAT

Cyber Essentials Plus for up to 50 devices, all being the same build: £1,500.00 plus VAT

We also offer Cyber Essentials Plus for larger networks. You can select the size of your network from the dropdown option on the CE Plus page above.

For companies with more complex needs, please simple download, complete and return this Cyber Essentials Scoping sheet and we will send you a bespoke price.


Join over 2,000+ happy customers

IT Health Checks

The PSN (Public Services Network) is the UK government’s network that connects all public services together. The network, which helps public sector organisations work together, reduces duplication and enables sharing of resources.

We offer complete penetration testing and IT Health Check services to assist with your PSN CoCo (Code of Connection) submission. We regularly work with councils to perform ITHC’s for PSN compliance. We are contracted by several local and regional councils and departments to provide single and multi-year compliance audit programs.

How IT Health Checks helps your business

Approved for Local Government through the CREST scheme

10 Years of experience performing PSN IT Health Checks


What is in the PSN IT Health Check

An IT Health Check required both an Internal and an External assessment by a qualified assessor / auditor.

Depending on the size of the network and number of devices, sample testing of a minimum of 10 per cent of the estate can be performed and correct scoping is critical to ensure that the service offered meets the CoCo requirements without being overbearing and over budget.


External Testing

The External Assessment part of the ITHC should include public-facing services such as email servers, web servers and other systems such as the firewalls in place to prevent unauthorised access from the public Internet into your organisation.

Any other inbound connections from the Internet such as Remote Access or Site-to-Site Virtual Private Networks (VPNs) also need to be penetration tested as part of the engagement. This assessment takes place for the infrastructure and authentication methods in place to protect the connections.


Internal Testing

Internal testing takes the form of a Penetration Test and should include Vulnerability Scanning and a thorough Manual Analysis of your internal network.

At a minimum it should include:

Desktop and Server build and configuration, and network management security
Patching of Operating Systems, Applications and Firmware levels
Configuration of Remote Access solutions including Virtual Private Networks (VPNs) and the associated authentication
Build and Configuration Review of Laptops and other Mobile devices such as phones and tablets used for remote access
Internal Security Gateway configuration including the Firewall connection to the PSN network.
Wireless Network configuration

The assessment of the above look to provide assurance that your internal systems are configured in a secure manner and are being properly maintained.


Why choose Hedgehog Cyber Security?

Cyber Security for any size of business

CREST member company

Team of friendly certified experts

Latest from our Blog

See All Articles ➔
Telegram, the new Darknet Forum?

Telegram, the new Darknet Forum?

Criminals are now using Telegram to buy, sell, and distribute the compromised data and malware tools. Is Telegram the new darknet forum? Read full article
12 Ways to Protect your Affiliate Business From Cyber Attack

12 Ways to Protect your Affiliate Business From Cyber Attack

Securing your affiliate business is essential for looking after your clients, keeping out attackers and protecting your data. You can take several steps to protect your business, your clients, and your data from cybercriminals. Read full article
10 Ways to protect your home/office network

10 Ways to protect your home/office network

Our homes are more technologically advanced than ever. The family home now contains a wide range of gadgets and devices that require an internet connection. What was once just a computer now includes a tablet, phone, fridge, TV and baby monitor. Read full article
5 ways to spot a phishing email

5 ways to spot a phishing email

Phishing emails are the most common online threat. It is essential to know how to spot a phishing email and what to do with them. Here are five ways to spot, and defender yourself against, phishing attacks. Read full article